Описание
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | virt-v2v | Affected | ||
| Red Hat Enterprise Linux 6 | virt-v2v | Fixed | RHSA-2011:1615 | 05.12.2011 |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=702754virt-v2v: vnc password protection is missing after vm conversion
3.7 Low
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
github
больше 3 лет назад
virt-v2v before 0.8.4 does not preserve the VNC console password when converting a guest, which allows local users to bypass the intended VNC authentication by connecting without a password.
oracle-oval
больше 13 лет назад
ELSA-2011-1615: virt-v2v security and bug fix update (LOW)
3.7 Low
CVSS2